Subject: Re: kauth machdep actions (Re: CVS commit: src)
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
List: tech-kern
Date: 12/23/2006 16:09:16
> YAMAMOTO Takashi wrote:
> 
> > i meant, don't bother to have __HAVE_*, and just do:
> > 
> > 	switch (action) {
> > 	case KAUTH_MACHDEP_UNMANAGEDMEM
> > 			:
> > 			:
> > 		break;
> > 	case KAUTH_MACHDEP_IOPL
> > 			:
> > 			:
> > 		break;
> > 	}
> 
> and, on machines with no 'iopl' request, what would KAUTH_MACHDEP_IOPL
> be?

on machines with no 'iopl' request, KAUTH_MACHDEP_IOPL case can't be
executed, like the current KAUTH_MACHDEP_otherports.

> and would that mean that there's code that appears to be handled in
> the secmodel, but really isn't?

i'm not sure what you mean here.

> > in the case of UNMANAGEDMEM, i don't see why they require
> > different handlings.  i suggest just to unify them.
> > ie. do both for KAUTH_MACHDEP_UNMANAGEDMEM.
> 
> I've asked about it in the past, twice:
> http://mail-index.netbsd.org/tech-kern/2006/08/20/0002.html
> http://mail-index.netbsd.org/tech-kern/2006/10/10/0003.html
> 
> you had this to say:
> http://mail-index.netbsd.org/tech-kern/2006/10/25/0018.html
> 
> do you suggest to change security semantics so that we can have shorter
> code? :)

why each port checks root and securelevel differently (which is what
we are talking about, right?) seems unknown and unmaintainable.
i don't see much point to keep it as-is.

> > if something really needs different handling, we can use either of
> > separate KAUTH_MACHDEP_xxx or an MD helper function.
> 
> what will happen eventually, I'm afraid, is that we can end up with
> a lot of #ifdefs, per-arch functions, and much more disorder than what
> we have now.

do we have so many candidates of machdep actions?

YAMAMOTO Takashi